Hello,

On Tue, Feb 22, 2011 at 07:31, Xiaoshuo Wu <xiaos...@ftsafe.com> wrote:
>> Index: src/libopensc/card-entersafe.c
>> ===================================================================
>> --- src/libopensc/card-entersafe.c      (revision 5121)
>> +++ src/libopensc/card-entersafe.c      (working copy)
>> @@ -953,10 +953,23 @@
>> +                r = entersafe_transmit_apdu(card, &apdu, 0, 0, 0, 0);
>>
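
Review bot: The added call on the `+` line passes 0, 0, 0, 0 as the four trailing arguments to entersafe_transmit_apdu, so nothing at this call site selects ciphering or MAC-ing and the wrapper only hides that this APDU goes out in plain. Calling sc_transmit_apdu(card, &apdu) here would make that explicit to a reader auditing which commands are protected. Only this one line of the hunk is quoted, so whether `r` is checked before the response is used cannot be confirmed from here and should be verified against the full patch.
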
>> Use of entersafe_transmit_apdu is redundant here and in 13 other places
>> where it is a straight passthrough to sc_transmit_apdu (called with
>> 0,0,0,0). For one it makes following the code more difficult and it also
>> generates twice as much log (if logging is enabled as identical APDU-s get
>> logged twice).
>
> Sorry for that, it was only to see the plain APDU before secure messaging.
>
>> As the wrapper is used for built-in APDU ciphering and mac-ing, you should
>> instead propose a solution for the secure messaging infrastructure in OpenSC
>> (ItaCNS, DNIe, IAS/ECC, Feitian have code that deals with it). As you use
>> builtin keys for only specific APDU-s this should be the simplest case.
>
> Yes, you're right.
> Juan's proposal is very neat:
> http://www.opensc-project.org/pipermail/opensc-devel/2010-October/015199.html
> Thanks to him, I'm implementing similar infrastructure in new model driver.

Don't commit to a coding solution *yet* unless you're willing to adapt
it if needed.

Now is the time to compare the 4 different solutions and find
the common ground and middle path.


> Here I attach the latest patch, slightly modified:

Please use sc_transmit_apdu directly (here and from now on) for plain
APDU-s. Otherwise it would be good to go (if you could restrict to
just adding the code block for the feature).

The overall usefulness of the patch depends on #334 [1] as well.


[1] https://www.opensc-project.org/opensc/ticket/334

Martin.